Solved

Postfix & PGP

Posted on 2006-07-11
5
1,569 Views
Last Modified: 2008-03-10
I'm looking to harden my email server and one of the things I want to do is store inbound email on the server in PGP encrypted form.  Email arrives via SMTP unencrypted and I want to have it encrypted before it is stored in the Mailbox.  The point is to safeguard against email being picked up in the event that someone should breech the security of the server and gain access to files and or gain access to pop3 or imap.  The pgp encrypted email would be downloaded by the client and unencrypted by software on the client.  Can anyone point me in the right direction for finding such a filter for Postfix?

Thanks!
0
Comment
Question by:phasevar
  • 3
  • 2
5 Comments
 
LVL 40

Expert Comment

by:noci
ID: 17088543
If your server is breached you're toast anyway, the intruder will be able find your pgp script and known some keys/passwords etc.

If you need POP et al. At least use RPOP version of the protocol, or use SSL based versions of POP and IMAP.
this to prevent snooping and eavesdropping.

I have no knowledge of any imap/pop-servers that support your original request.  It also won't help the performance
of your mail solution. As POP & IMAP need access to the mail to make an index. ==> have to decrypt all
before supplying an answer to the first question from any client, "can I have all headers please":


0
 
LVL 40

Expert Comment

by:noci
ID: 17088553
BTW,

cyrus-imap server might be the way to go, it uses a database to store stuff..., at least raises the bar a little.
and it's a quite fast server.
0
 

Author Comment

by:phasevar
ID: 17091785
noci, PGP is public-key cryptography.  The server should only have a public key for each mailbox and the private keys needed to decrypt the messages are stored on each client.  So in event of a server breach, encrypted mail should not be able to be read without the private key.

As for indexing, I don't think pgp encrypts the headers.  PGP is used in mail already, but usually it's encrypted by the sender, not the receiving mail server.  If it travels through the mail system now, it has to have plaintext headers.

It's not the imap/pop server that would need pgp support.  It would be a filter in the Postfix incoming SMTP stage during mail queue delivery to local addresses.

Thanks for the tip on cyrus.  I've wondered about database storage for mailboxes.
0
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 17093591
I assumed you wanted to encrypt the message as a whole (including the headers).
As far as mail is concerned SMTP wise there are two things...
= The Envelope (containing Sender & Receipent(s)) that only lives when a message travels from MTA => MTA and the enveloppe
    is lost on delivery at a MUA  (MTA= Mail Transfer Agent, aka postman; MUA = Useragent aka Mail Store/Mailbox + retrieval tools).
= The Content (Whole message Headers + content as one blob) The separation between header and message is on the first empty line.

Your option needs a special kind of MUA I haven't yet seen. You'll need a tool that first splits the message into its parts and the assembles
all the parts again with encryption. It can be done, but what's the point...,

The message travels across other mta's where it's not protected (you can find out how many by reading the "Received lines" in the header).
During transmission over cables it is sent in clear text, anybody with access to the right part of the cable can tap into it.
In Europe your message will end up in at least one government database as part of "Anti-Terrorist" legislation. All ISP's have to comply Jan 1st, 2007
at the latest.

Therefore if you want to  prevent access everybody needs  to encrypt their message at the source... The sender.
0
 

Author Comment

by:phasevar
ID: 17101882
Ideally all senders would encrypt their messages but that's just wishful thinking.  For instance, I don't see Amazon.com sending out receipts in pgp anytime soon.

I know the whole chain isn't secure and that email passes through many points before it reaches my server but I was just hoping to add that little bit of extra security in the event that someone were to breach the server security and gain access to the mail files.  Obviously that would do nothing to circumvent the man-in-the-middle who is actively watching for the mail.

Thanks for your help.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Fine Tune your automatic Updates for Ubuntu / Debian
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question